DuendeArchive · brockallen · Feb 27, 2024 · Feb 17, 2024 · Feb 17, 2024 · Feb 17, 2024
diff --git a/src/DPoP/DPoP.csproj b/src/DPoP/DPoP.csproj
@@ -39,9 +39,9 @@
     </ItemGroup>
 
     <ItemGroup>
-        <PackageReference Include="IdentityModel" Version="6.2.0" />
+        <PackageReference Include="IdentityModel" Version="7.0.0-preview.2" />
         <PackageReference Include="minver" Version="4.3.0" PrivateAssets="All" />
-        <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.30.0" />
+        <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="7.3.1" />
 
         <PackageReference Include="Microsoft.Extensions.Logging" Version="6.0.0" />
         <PackageReference Include="Microsoft.SourceLink.GitHub" Version="1.1.1" PrivateAssets="All" />

diff --git a/src/DPoP/DPoPProofTokenFactory.cs b/src/DPoP/DPoPProofTokenFactory.cs
@@ -43,21 +43,21 @@ public DPoPProof CreateProofToken(DPoPProofRequest request)
         object jwk;
         if (string.Equals(jsonWebKey.Kty, JsonWebAlgorithmsKeyTypes.EllipticCurve))
         {
-            jwk = new
+            jwk = new Dictionary<string, object>
             {
-                kty = jsonWebKey.Kty,
-                x = jsonWebKey.X,
-                y = jsonWebKey.Y,
-                crv = jsonWebKey.Crv
+                { "kty", jsonWebKey.Kty },
+                { "x", jsonWebKey.X },
+                { "y", jsonWebKey.Y },
+                { "crv", jsonWebKey.Crv }
             };
         }
         else if (string.Equals(jsonWebKey.Kty, JsonWebAlgorithmsKeyTypes.RSA))
         {
-            jwk = new
+            jwk = new Dictionary<string, object>
             {
-                kty = jsonWebKey.Kty,
-                e = jsonWebKey.E,
-                n = jsonWebKey.N
+                { "kty", jsonWebKey.Kty },
+                { "e", jsonWebKey.E },
+                { "n", jsonWebKey.N }
             };
         }
         else

diff --git a/src/IdentityTokenValidator/IdentityTokenValidator.csproj b/src/IdentityTokenValidator/IdentityTokenValidator.csproj
@@ -36,7 +36,7 @@
     <ItemGroup>
         <PackageReference Include="minver" Version="4.3.0" PrivateAssets="All" />
 
-        <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.30.0" />
+        <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="7.3.1" />
         <PackageReference Include="Microsoft.Extensions.Logging" Version="6.0.0" />
         <PackageReference Include="Microsoft.SourceLink.GitHub" Version="1.1.1" PrivateAssets="All" />
     </ItemGroup>

diff --git a/src/IdentityTokenValidator/JwtHandlerIdentityTokenValidator.cs b/src/IdentityTokenValidator/JwtHandlerIdentityTokenValidator.cs
@@ -81,7 +81,7 @@ public async Task<IdentityTokenValidationResult> ValidateAsync(string identityTo
                 };
             }
 
-            var result = ValidateSignature(identityToken, handler, parameters, options, logger);
+            var result = await ValidateSignatureAsync(identityToken, handler, parameters, options, logger);
             if (result.IsValid == false)
             {
                 if (result.Exception is SecurityTokenSignatureKeyNotFoundException)
@@ -123,7 +123,7 @@ public async Task<IdentityTokenValidationResult> ValidateAsync(string identityTo
             };
         }
 
-        private TokenValidationResult ValidateSignature(string identityToken, JsonWebTokenHandler handler, TokenValidationParameters parameters, OidcClientOptions options, ILogger logger)
+        private async Task<TokenValidationResult> ValidateSignatureAsync(string identityToken, JsonWebTokenHandler handler, TokenValidationParameters parameters, OidcClientOptions options, ILogger logger)
         {
             if (parameters.RequireSignedTokens)
             {
@@ -174,7 +174,7 @@ private TokenValidationResult ValidateSignature(string identityToken, JsonWebTok
                 parameters.IssuerSigningKeys = keys;
             }
 
-            return handler.ValidateToken(identityToken, parameters);
+            return await handler.ValidateTokenAsync(identityToken, parameters);
         }
 
         private static string CheckRequiredClaim(ClaimsPrincipal user)

diff --git a/src/OidcClient/OidcClient.csproj b/src/OidcClient/OidcClient.csproj
@@ -40,7 +40,7 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="IdentityModel" Version="6.2.0" />
+    <PackageReference Include="IdentityModel" Version="7.0.0-preview.2" />
     <PackageReference Include="minver" Version="4.3.0" PrivateAssets="All" />
 
     <PackageReference Include="Microsoft.Extensions.Logging" Version="6.0.0" />

diff --git a/test/DPoPTests/DPoPTests.csproj b/test/DPoPTests/DPoPTests.csproj
@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
     <PropertyGroup>
-        <TargetFrameworks>net6.0;net7.0;net8.0</TargetFrameworks>
+        <TargetFrameworks>net8.0</TargetFrameworks>
     </PropertyGroup>
 
     <PropertyGroup>
@@ -17,9 +17,9 @@
 
     <ItemGroup>
 		<FrameworkReference Include="Microsoft.AspNetCore.App" />
-		<PackageReference Include="Microsoft.AspNetCore.TestHost" Version="6.0.0" />
-		<PackageReference Include="Duende.IdentityServer" Version="6.3.0" />
-		<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.0" />
+		<PackageReference Include="Microsoft.AspNetCore.TestHost" Version="8.0.2" />
+		<PackageReference Include="Duende.IdentityServer" Version="7.0.1" />
+		<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.2" />
 
         <PackageReference Include="Microsoft.NET.Test.Sdk" Version="16.9.4" />
         <PackageReference Include="xunit.runner.visualstudio" Version="2.4.3" />

diff --git a/test/DPoPTests/Framework/DPoP/DPoPJwtBearerEvents.cs b/test/DPoPTests/Framework/DPoP/DPoPJwtBearerEvents.cs
@@ -1,5 +1,6 @@
 using IdentityModel;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Options;
 using Microsoft.Net.Http.Headers;
 using System.Text;
@@ -130,7 +131,7 @@ public override Task Challenge(JwtBearerChallengeContext context)
             }
         }
 
-        context.Response.Headers.Add(HeaderNames.WWWAuthenticate, sb.ToString());
+        context.Response.Headers.Append(HeaderNames.WWWAuthenticate, sb.ToString());
 
 
         if (context.HttpContext.Items.ContainsKey("DPoP-Nonce"))

diff --git a/test/DPoPTests/Framework/DPoP/DPoPProofValidator.cs b/test/DPoPTests/Framework/DPoP/DPoPProofValidator.cs
@@ -130,7 +130,7 @@ protected virtual Task ValidateHeaderAsync(DPoPProofValidatonContext context, DP
             return Task.CompletedTask;
         }
 
-        if (!token.TryGetHeaderValue<IDictionary<string, object>>(JwtClaimTypes.JsonWebKey, out var jwkValues))
+        if (!token.TryGetHeaderValue<JsonElement>(JwtClaimTypes.JsonWebKey, out var jwkValues))
         {
             result.IsError = true;
             result.ErrorDescription = "Invalid 'jwk' value.";
@@ -169,7 +169,7 @@ protected virtual Task ValidateHeaderAsync(DPoPProofValidatonContext context, DP
     /// <summary>
     /// Validates the signature.
     /// </summary>
-    protected virtual Task ValidateSignatureAsync(DPoPProofValidatonContext context, DPoPProofValidatonResult result)
+    protected virtual async Task ValidateSignatureAsync(DPoPProofValidatonContext context, DPoPProofValidatonResult result)
     {
         TokenValidationResult tokenValidationResult;
 
@@ -185,27 +185,27 @@ protected virtual Task ValidateSignatureAsync(DPoPProofValidatonContext context,
             };
 
             var handler = new JsonWebTokenHandler();
-            tokenValidationResult = handler.ValidateToken(context.ProofToken, tvp);
+            tokenValidationResult = await handler.ValidateTokenAsync(context.ProofToken, tvp);
         }
         catch (Exception ex)
         {
             Logger.LogDebug("Error parsing DPoP token: {error}", ex.Message);
             result.IsError = true;
             result.ErrorDescription = "Invalid signature on DPoP token.";
-            return Task.CompletedTask;
+            return;
         }
 
         if (tokenValidationResult.Exception != null)
         {
             Logger.LogDebug("Error parsing DPoP token: {error}", tokenValidationResult.Exception.Message);
             result.IsError = true;
             result.ErrorDescription = "Invalid signature on DPoP token.";
-            return Task.CompletedTask;
+            return;
         }
 
         result.Payload = tokenValidationResult.Claims;
 
-        return Task.CompletedTask;
+        return;
     }
 
     /// <summary>

diff --git a/test/JwtValidationTests/Infrastructure/Crypto.cs b/test/JwtValidationTests/Infrastructure/Crypto.cs
@@ -78,7 +78,7 @@ public static IdentityModel.Jwk.JsonWebKeySet CreateKeySet(RsaSecurityKey key)
         public static string CreateJwt(RsaSecurityKey key, string issuer, string audience, params Claim[] claims)
         {
             var jwtClaims = new List<Claim>(claims);
-            jwtClaims.Add(new Claim(JwtClaimTypes.IssuedAt, "now"));
+            jwtClaims.Add(new Claim(JwtClaimTypes.IssuedAt, DateTime.UtcNow.Ticks.ToString(), ClaimValueTypes.Integer64));
 
             SigningCredentials credentials = null;
             if (key != null)

diff --git a/test/JwtValidationTests/Infrastructure/NetworkHandler.cs b/test/JwtValidationTests/Infrastructure/NetworkHandler.cs
@@ -5,6 +5,7 @@
 using System;
 using System.Net;
 using System.Net.Http;
+using System.Text;
 using System.Threading;
 using System.Threading.Tasks;
 
@@ -86,11 +87,11 @@ protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage
             {
                 if (_selector != null)
                 {
-                    response.Content = new StringContent(_selector(request));
+                    response.Content = new StringContent(_selector(request), Encoding.UTF8, "application/json");
                 }
                 else
                 {
-                    response.Content = new StringContent(_document);
+                    response.Content = new StringContent(_document, Encoding.UTF8, "application/json");
                 }
             }
 

diff --git a/test/OidcClient.Tests/Infrastructure/NetworkHandler.cs b/test/OidcClient.Tests/Infrastructure/NetworkHandler.cs
@@ -5,6 +5,7 @@
 using System;
 using System.Net;
 using System.Net.Http;
+using System.Text;
 using System.Threading;
 using System.Threading.Tasks;
 
@@ -86,11 +87,11 @@ protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage
             {
                 if (_selector != null)
                 {
-                    response.Content = new StringContent(_selector(request));
+                    response.Content = new StringContent(_selector(request), Encoding.UTF8, "application/json");
                 }
                 else
                 {
-                    response.Content = new StringContent(_document);
+                    response.Content = new StringContent(_document, Encoding.UTF8, "application/json");
                 }
             }
 

diff --git a/test/OidcClient.Tests/OidcClient.Tests.csproj b/test/OidcClient.Tests/OidcClient.Tests.csproj
@@ -16,7 +16,7 @@
     </ItemGroup>
 
     <ItemGroup>
-        <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.12.0"/>
+        <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="7.3.1"/>
 
         <PackageReference Include="Microsoft.NET.Test.Sdk" Version="16.9.4"/>
         <PackageReference Include="xunit.runner.visualstudio" Version="2.4.3"/>